[Git][security-tracker-team/security-tracker][master] NFUs

Moritz Muehlenhoff (@jmm) Wed, 14 Feb 2024 14:39:06 -0800


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
b9c26799 by Moritz Muehlenhoff at 2024-02-14T23:37:11+01:00
NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -46,9 +46,9 @@ CVE-2024-25165 (A global-buffer-overflow vulnerability was 
found in SWFTools v0.
        - swftools <removed>
        NOTE: https://github.com/matthiaskramm/swftools/issues/217
 CVE-2024-24990 (When NGINX Plus or NGINX OSS are configured to use the HTTP/3 
QUIC mod ...)
-       TODO: check
+       NOT-FOR-US: Quic module for Nginx
 CVE-2024-24989 (When NGINX Plus or NGINX OSS are configured to use the HTTP/3 
QUIC mod ...)
-       TODO: check
+       NOT-FOR-US: Quic module for Nginx
 CVE-2024-24966 (When LDAP remote authentication is configured on F5OS, a 
remote user w ...)
        NOT-FOR-US: F5 BIG-IP
 CVE-2024-24775 (When a virtual server is enabled with VLAN group and SNAT 
listener is  ...)
@@ -120,7 +120,7 @@ CVE-2023-6408 (CWE-924: Improper Enforcement of Message 
Integrity During Transmi
 CVE-2023-5123 (The JSON datasource plugin ( 
https://grafana.com/grafana/plugins/marcu ...)
        NOT-FOR-US: Grafana plugin
 CVE-2023-5122 (Grafana is an open-source platform for monitoring and 
observability. T ...)
-       - grafana <removed>
+       NOT-FOR-US: Grafana plugin
 CVE-2023-52399
        REJECTED
 CVE-2023-52398
@@ -210,7 +210,7 @@ CVE-2023-41252 (Out-of-bounds read in some Intel(R) QAT 
software drivers for Win
 CVE-2023-41231 (Incorrect default permissions in some ACAT software maintained 
by Inte ...)
        NOT-FOR-US: Intel
 CVE-2023-41091 (Uncontrolled search path for some Intel(R) MPI Library 
Software before ...)
-       TODO: check
+       NOT-FOR-US: Intel
 CVE-2023-41090 (Race condition in some Intel(R) MAS software before version 
2.3 may al ...)
        NOT-FOR-US: Intel
 CVE-2023-40161 (Improper access control in some Intel Unite(R) Client software 
before  ...)
@@ -304,13 +304,13 @@ CVE-2023-32618 (Uncontrolled search path in some Intel(R) 
oneAPI Toolkit and com
 CVE-2023-32280 (Insufficiently protected credentials in some Intel(R) Server 
Product O ...)
        NOT-FOR-US: Intel
 CVE-2023-31271 (Improper access control in some Intel(R) VROC software before 
version  ...)
-       TODO: check
+       NOT-FOR-US: Intel
 CVE-2023-31189 (Improper authentication in some Intel(R) Server Product 
OpenBMC firmwa ...)
-       TODO: check
+       NOT-FOR-US: Intel
 CVE-2023-30767 (Improper buffer restrictions in Intel(R) Optimization for 
TensorFlow b ...)
-       TODO: check
+       NOT-FOR-US: Intel
 CVE-2023-29153 (Uncontrolled resource consumption for some Intel(R) SPS 
firmware befor ...)
-       TODO: check
+       NOT-FOR-US: Intel
 CVE-2023-28720 (Improper initialization for some Intel(R) PROSet/Wireless and 
Intel(R) ...)
        - firmware-nonfree <unfixed>
        [bookworm] - firmware-nonfree <no-dsa> (Non-free not supported)
@@ -641,9 +641,9 @@ CVE-2023-45207 (An issue was discovered in Zimbra 
Collaboration (ZCS) 8.8.15, 9.
 CVE-2023-45206 (An issue was discovered in Zimbra Collaboration (ZCS) 8.8.15, 
9.0, and ...)
        NOT-FOR-US: Zimbra
 CVE-2023-31347 (Due to a code bug in Secure_TSC, SEV firmware may allow an 
attacker wi ...)
-       TODO: check
+       NOT-FOR-US: AMD
 CVE-2023-31346 (Failure to initialize memory in SEV Firmware may allow a 
privileged at ...)
-       TODO: check
+       NOT-FOR-US: AMD
 CVE-2023-4408 (The DNS message parsing code in `named` includes a section 
whose compu ...)
        {DSA-5621-1}
        - bind9 1:9.19.21-1
@@ -792,7 +792,7 @@ CVE-2024-22024 (An XML external entity or XXE vulnerability 
in the SAML componen
 CVE-2024-21491 (Versions of the package svix before 1.17.0 are vulnerable to 
Authentic ...)
        TODO: check
 CVE-2024-1439 (Inadequate access control in Moodle LMS. This vulnerability 
could allo ...)
-       TODO: check
+       - moodle <removed>
 CVE-2024-1420
        REJECTED
 CVE-2024-0566 (The Smart Manager WordPress plugin before 8.28.0 does not 
properly san ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/b9c267996b29224747c6227644ab5b5c1ab69d94

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/b9c267996b29224747c6227644ab5b5c1ab69d94
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] NFUs

Reply via email to